TCP Overview
31 January 2014
TCP/IP Protocol Stack
OSI Reference Model -> TCP/IP Conceptual Layers
- 7 Application, Presentation, Session -> Application
- Transport -> Transport
- Network -> Internet
- Data Link, Physical -> Network Interface (Ethernet, 802.3, 802.5, FDDI, and so on)
Transport Layer Overview
- Application
- Transport: Transmission Control Protocol (TCP), User Datagram Protocol (UDP)
- Internet
- Network Interface
- Hardware
TCP
Defined in RFC 793
Reliable
- Acknowledgments
- Guarantee of packet delivery
- Delayed Ack Piggybacking
- Reassembly of out of order data
- Discards duplicates caused by IP
- Provides end-to-end flow control
- finite buffer size
TCP
Connection oriented
- Segments are dependent
- Maintain state information of segments
- Segments can take different routes
- Segments are delivered in order to the application layer
Full Duplex
TCP Segment Format
Field (# bits):
- Source Port (16)
- Dest. Port (16)
- Sequence Number (32)
- Acknowledgement Number (32)
- HLEN
- Reserved
- Code Bits
- Window (16)
- Checksum (16)
- Urgent Pointer (16)
- Options (0 or 32)
- Data...
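The segment layout above as a parser, run over the SYN that Host A sends in the handshake slides (added example, not from the original slides). The 4/6/6-bit split of HLEN, Reserved and Code Bits and the option encoding follow RFC 793; the sample bytes, the window value 8192 and the function names are constructed for illustration.

```python
import struct

# Code bits, least significant first (RFC 793): FIN is bit 0, URG is bit 5.
FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")

def parse_options(raw: bytes) -> dict:
    """Walk the kind/length/value option list; only MSS (kind 2) is decoded."""
    opts, i = {}, 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:                      # end of option list
            break
        if kind == 1:                      # no-operation, single byte
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("option truncated before its length byte")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise ValueError("option length out of range")
        if kind == 2 and length == 4:      # Maximum Segment Size
            opts["mss"] = struct.unpack("!H", raw[i + 2:i + 4])[0]
        i += length
    return opts

def parse_tcp_header(segment: bytes) -> dict:
    """Split a TCP segment into the fields of the segment format."""
    if len(segment) < 20:
        raise ValueError("shorter than the 20-byte fixed header")
    sport, dport, seq, ack, hlen_bits, window, checksum, urgent = struct.unpack(
        "!HHIIHHHH", segment[:20])
    hlen = (hlen_bits >> 12) * 4           # HLEN counts 32-bit words
    if hlen < 20 or hlen > len(segment):
        raise ValueError("HLEN points outside the segment")
    flags = [n for bit, n in enumerate(FLAG_NAMES) if hlen_bits & (1 << bit)]
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "hlen": hlen, "flags": flags, "window": window,
            "checksum": checksum, "urgent": urgent,
            "options": parse_options(segment[20:hlen]), "data": segment[hlen:]}

# Constructed sample: Host A's SYN (port 1028 -> 23, seq=100) with an MSS of 1460.
# Window 8192 and checksum 0 are placeholders; the checksum is not verified here.
SYN = (struct.pack("!HHIIHHHH", 1028, 23, 100, 0, (6 << 12) | 0x02, 8192, 0, 0)
       + bytes([2, 4, 0x05, 0xB4]))

if __name__ == "__main__":
    print(parse_tcp_header(SYN))
```

The two length checks matter when the input is untrusted: without them a header with an oversized HLEN or a zero-length option would read past the segment or loop forever.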
Port Numbers
Application Layer protocols and their port numbers at the Transport Layer (TCP, UDP):
- FTP: 21
- TELNET: 23
- SMTP: 25
- DNS: 53
- TFTP: 69
- SNMP: 161
TCP Port Numbers
Segment fields: Source Port, Dest. Port
Host A to Host Z (Telnet Z): SP = 1028, DP = 23
Host Z: "Dest. port = 23. Send packet to my Telnet application."
Ephemeral Ports
TCP Handshake/Open Connection
- Host A: Send SYN (seq=100 ctl=SYN); Host B: SYN received
- Host B: Send SYN (seq=300 ack=101 ctl=syn,ack); Host A: SYN received
- Host A: Established (seq=101 ack=301 ctl=ack)
- Host A: Data Segment (seq=101 ack=301 ctl=ack Data)
TCP Simple Acknowledgment
Window size = 1
- Sender: Send 1; Receiver: Receive 1
- Receiver: Send ACK 2; Sender: Receive ACK 2
- Sender: Send 2; Receiver: Receive 2
- Receiver: Send ACK 3; Sender: Receive ACK 3
- Sender: Send 3; Receiver: Receive 3
- Receiver: Send ACK 4; Sender: Receive ACK 4
TCP Windowing
- Sender (Window size = 3): Send 1, Send 2, Send 3
- Receiver (Window size = 2): ACK 1, ACK 2, ACK 3
- Sender (Window size = 3): Send 4, Send 5
- Receiver (Window size = 2): ACK 4, ACK 5
TCP Sequence and Ack Numbers
Segment fields: Source Port, Dest. Port, Sequence #, Acknowledgement #
- "I just sent #10.": Source 1028, Dest. 23, Seq. 10
- "I just got #10, now I need #11.": Source 23, Dest. 1028, Ack. 11
- Source 1028, Dest. 23, Seq. 11
TCP Connection Closure
- Host A: Send FIN; Host B: FIN received
- Host B: Send ACK; Host A: ACK received
- Host B: Send FIN; Host A: FIN received
- Host A: Send ACK; Host B: ACK received
TCP Connection Closure
Since TCP is full-duplex, the connection must be shut down from both sides independently
- it takes 4 segments to close the connection completely
Active close: initiation of first FIN request
Passive close: initiation of second FIN request
Connection closure sequence
Application closes the session
TCP sends FIN to the server
Server TCP sends ACK to client
Server TCP informs application
Server application closes the session
Server TCP sends FIN
Client TCP sends ACK to server
TCP Connection Closure
Half-close is also possible
- Only one side discontinues transmission
- Most of the present applications do not use half-close
Half-Close
- Host A: Send FIN; Host B: FIN received
- Host B: Send ACK; Host A: ACK received
- Host B: Send Data Segment
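Half-close at the socket API level (added example, not from the original slides): shutdown(SHUT_WR) makes Host A send its FIN while it keeps reading, so Host B's later data still arrives. The loopback address, the function name and the payloads are constructed for illustration.

```python
import socket

def half_close_exchange(request: bytes, reply: bytes):
    """Host A sends a request and half-closes; Host B keeps sending afterwards."""
    listener = socket.create_server(("127.0.0.1", 0))   # loopback, OS-chosen port
    host_a = socket.create_connection(listener.getsockname(), timeout=5)
    host_b, _ = listener.accept()
    host_b.settimeout(5)
    listener.close()
    try:
        host_a.sendall(request)
        host_a.shutdown(socket.SHUT_WR)      # A: Send FIN, read side stays open

        received = b""
        while chunk := host_b.recv(4096):    # recv() returns b"" once A's FIN arrives
            received += chunk

        host_b.sendall(reply)                # B: Send Data Segment after the FIN
        host_b.shutdown(socket.SHUT_WR)      # B's own FIN closes the other direction

        answer = b""
        while chunk := host_a.recv(4096):    # A still receives after its FIN
            answer += chunk

        try:                                 # A's sending direction is closed for good
            host_a.sendall(b"late")
            a_can_still_send = True
        except OSError:
            a_can_still_send = False
        return received, answer, a_can_still_send
    finally:
        host_a.close()
        host_b.close()

if __name__ == "__main__":
    print(half_close_exchange(b"request", b"reply after FIN"))
```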
Timeout during Connection Setup
When initiator does not receive SYN-ACK
- Resends SYN after some time
- First retry after 6 sec
- Second retry after 24 sec
- Stops retrying after 75 seconds (Unix system)
- These times are implementation dependent
MSS
Maximum Segment Size
- Exchanged with the initial SYN packets as an optional field
- MSS does not appear in other packets
- If MSS value is not received, the default value assumed is 536 bytes
- 536 + 20 (IP header) + 20 (TCP header) = 576-byte IP datagram
MSS
The larger the MSS, the better it is for protocol efficiency, provided it is not fragmented
MSS may be at the most
= MTU - 20 - 20 bytes
- For Ethernet = 1500-20-20 = 1460
If destination is non-local, MSS normally defaults to 536
MSS is a configurable value
MSS
When two sides announce different MSS, they normally settle down to the lower value.
- This is not mandatory
- Avoids fragmentation
- Does not necessarily eliminate fragmentation if intermediate links have even lower MTU
- Use MTU discovery mechanism to avoid this
Non-delivery of TCP Segments
Non-delivery is indicated by non-receipt of ACK at sender side
This may be caused by
- Loss of packet
  - Due to congestion
  - Due to error in header
  - Due to error in data
- Loss of ACK
- Delayed delivery by IP
Non-delivery of TCP Segments
Non-receipt of ACK is decided by
- Retransmission timer
- Receipt of duplicate ack
TCP assumes that the non-delivery is because of congestion
Reduces the window size when the packet is declared as undelivered
- Not an efficient way if loss of packet is due to a transmission error
Types of Connection Closure
Orderly release (graceful shutdown)
- When closure initiated by applications
- No loss of data
- Using FIN segment
Abortive release
- Abrupt termination
- Using reset (RST)
Variation in Connection Open and Close
Simultaneous Opening
- Both sides send SYN
- Both sides respond with SYN-ACK
Simultaneous Closure
- Both sides send FIN
- Both sides send ACK
RST
Generated on receipt of an incorrect TCP segment
- Packet does not belong to the referenced connection, determined by
  - IP
  - Port number
  - Sequence number
Generated on receipt of connection request to a nonexistent port
Generated by application when it aborts the application
RST
At sender side, any queued data is thrown away
At the receiver side, APIs used should be able to inform application about the abortive release
PSH
PUSH Flag
Indicates to the receiver to send the data to the application without further delay
Used in the interactive applications or during interactive operations
Also used when last portion of the data is sent by sender stack
Half-open Connections
One side abruptly terminates the session
May be caused by
- System crash
- Machine powered off without graceful shutdown
Server will not know the closure and will be in wait state
Security risk
Interactive Data Flow
Tinygrams
- Small data flow during interactive applications
- Example: Rlogin
Nagle Algorithm (RFC 896)
- TCP connection can have only one outstanding small segment that is not yet acknowledged
- Small data is collected by TCP and sent together when Ack is received for previous small segment
- Might cause problem when ASCII escape character is involved (special function keys)
Interactive Data Flow
Repacketisation
- Sending retransmission and next segment in the same segment
TCP protocol spoofing
- Used when delay is high, bandwidth is sufficient
- Improves user experience and application performance
- Used in VSATs
Sliding Window
Start small (slow start)
Grow exponentially
Bound by upper limit of window size
Reduces window size when it encounters segment loss
Increases window size again
- Offered window size
- Usable window size
Sliding Window
Slow Start
- Rate of transmission depends on rate of receipt of acknowledgments
- A flow control imposed by sender based on its assessment of congestion in the network
Congestion Avoidance
Indication of loss of packet
- Timeout
- Duplicate ACK
On receiving duplicate ACK, reduce usable window size to half
If congestion is indicated by timeout, reduce usable window size to one, initiate slow start
Fast Retransmit
When three or more duplicate ACKs are received, retransmit the un-ACKed packets without waiting for timeout of retransmission timer
Reading Assignment
Congestion Avoidance
Slow Start
Fast Retransmit
Fast Recovery
Congestion Avoidance
Indication of loss of packet
- Timeout
- Duplicate ACK
Two variables
- cwnd (congestion window)
- ssthresh (slow start threshold)
On congestion, ssthresh = cwnd/2
If congestion is indicated by timeout, cwnd is set to one, slow start
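The cwnd and ssthresh rules from the congestion slides, traced per round trip (added example, not from the original slides). Linear growth once cwnd reaches ssthresh and the floor of two segments for ssthresh follow RFC 5681 and are assumptions beyond what the slides state; the function name and the event sequence are constructed.

```python
def simulate_cwnd(events, ssthresh=16, offered_window=64):
    """Return (cwnd, ssthresh, usable window) after each per-round-trip event.

    events: "ack"     - everything sent in the round trip was acknowledged
            "dupack"  - loss signalled by duplicate ACKs
            "timeout" - loss signalled by the retransmission timer
    All sizes are counted in segments.
    """
    cwnd = 1                                    # start small: slow start
    trace = []
    for event in events:
        if event == "ack":
            if cwnd < ssthresh:
                cwnd = min(cwnd * 2, ssthresh)  # slow start: exponential growth
            else:
                cwnd += 1                       # assumed: linear growth (RFC 5681)
        elif event in ("dupack", "timeout"):
            ssthresh = max(cwnd // 2, 2)        # on congestion, ssthresh = cwnd/2
            # duplicate ACK: window halves; timeout: back to one segment
            cwnd = ssthresh if event == "dupack" else 1
        else:
            raise ValueError(f"unknown event {event!r}")
        # usable window is bounded by the receiver's offered window
        trace.append((cwnd, ssthresh, min(cwnd, offered_window)))
    return trace

# Constructed event sequence, one entry per round trip.
EVENTS = ["ack"] * 5 + ["dupack"] + ["ack"] * 2 + ["timeout"] + ["ack"] * 3

if __name__ == "__main__":
    for step, row in zip(EVENTS, simulate_cwnd(EVENTS)):
        print(f"{step:8s} cwnd={row[0]:2d} ssthresh={row[1]:2d} usable={row[2]:2d}")
```

After the timeout the second slow start stops at the halved ssthresh rather than at the original one, which is why repeated loss keeps the sender's rate low.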